General

  • Target

    build_release4.apk

  • Size

    311KB

  • Sample

    210829-qpfxs8npms

  • MD5

    c86f20dc93c1d5427ae149ce89e764d2

  • SHA1

    c0f961ba8df77cfe6848b6679b94f398bf2e5053

  • SHA256

    1236be7fd1385b2543205404d96f37bded28a626d27d1e0a1dd4c570ef6dd2ad

  • SHA512

    d8a283b5a5225ddfac96c1be5c21ea90b32df70d5639392c8afbc20d675f838459fe0aa428baf7db7b44beab28006df8801d700190351ae28b12e738acc588aa

Malware Config

Extracted

  • Family

    alienbot

  • C2

    http://abindizzobremin.tk

Targets

    • Alienbot

      Alienbot is a fork of Cerberus banker first seen in January 2020.

    • Reads name of network operator

      Uses Android APIs to discover system information.
